Skip to main content
  1. Home
  2. Computing
  3. News

U.S. House of Representatives approves Email Privacy Act, Senate up next

By

email privacy act passes house congress
Image used with permission by copyright holder
For about 31 years now, our electronic data — such as our email messages — has been protected by the Electronic Communications Privacy Act (ECPA). That’s just about forever in technology, and the ECPA was thus enacted long before the internet became such a widespread phenomenon.

Since 2011, privacy-minded individuals and organizations like the Electronic Frontier Foundation, along with a number of technology companies, have been calling for the ECPA to be revised to bring it in line with modern privacy considerations. Now, the United States House of Representatives has passed a new Email Privacy Act that could address some concerns with the aging ECPA, as PCWorld reports.

The Email Privacy Act is primarily concerned with revising how law enforcement agencies can gain access to users’ electronic records, and seeks to protect data no matter how long it’s existed. Its mission is to address the ECPA provision that affords more protection to newer data, requiring judges to issues warrants for accessing data on paper or electronically that was stored within the previous 180 days.

Related

Beyond 180 days, according to the ECPA, law enforcement agencies armed with mere subpoenas can get access to cloud- or third-party-hosted data that’s older than 180 days. The Email Privacy Act would amend that to require judge-issued warrants for this older data as well.

The Email Privacy Act will now need to make its way through the Senate before heading to the president for his signature, something that a similar billed passed unanimously by the U.S. House of Representatives in April 2016 failed to do. The new law has 109 cosponsors in the House, making it a popular bill in that chamber of Congress, while critics fear that the law will make it more difficult for law enforcement to investigate crimes and terrorism.

Should the bill become law, organizations like the Consumer Technology Association will be thrilled. As Gary Shapiro, that organization’s president and CEO, put it, “(The ECPA was) written before Congress could imagine U.S. citizens sharing and storing personal information on third-party servers, (and) is woefully out of date.” Clearly, he’s correct, as only 10 million email accounts exists when the ECPA became the law of the land — far less than the billions of users passing information around the internet today.

Editors’ Recommendations

Topics
Mark Coppock
Mark Coppock
Computing Writer
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more